69bd9b449a4c4493ee9ec95cab196ad7_JaffaCakes118

General

Target

69bd9b449a4c4493ee9ec95cab196ad7_JaffaCakes118
Size

186KB
MD5

69bd9b449a4c4493ee9ec95cab196ad7
SHA1

88e6af18b564a2f68dd5a83cdb8a918df1e3c4ab
SHA256

e2fac18f00507be6bae8caae696125a766fb24711df4122715686b2b34ae4722
SHA512

b6b0c5c98a3de6553dc0f0129973b7564ccb6f147a8b994ea9d562c4b5092484199581650d69b79863637ac82822ea4f7db27bfb56d7527a439e4931170cbfea
SSDEEP

3072:SMb5ULMBil98yKA6DitVhfNVZctyOFtL0p0iG+7RA1bz1FiY:XBil98PAziyOFTifRAJ1Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69bd9b449a4c4493ee9ec95cab196ad7_JaffaCakes118

Files

69bd9b449a4c4493ee9ec95cab196ad7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f4d853831eb7c28dc51a8c226a1884e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
UpdateWindow

advapi32

CloseServiceHandle
RegOpenKeyExA
GetLengthSid

kernel32

CompareStringW
SetEnvironmentVariableA
EnterCriticalSection
GetProcAddress
LoadLibraryA
lstrlenA
GetTickCount
lstrcpyA
MultiByteToWideChar
WritePrivateProfileStringA
GetLastError
ReadFile
GetStdHandle
WriteFile
CreateFileA
CloseHandle
SetFilePointer
SetEndOfFile
WideCharToMultiByte
VirtualAlloc
VirtualFree
CompareStringA
HeapReAlloc
HeapAlloc
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RaiseException
HeapFree
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
FlushFileBuffers
InterlockedDecrement
InterlockedIncrement
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4d853831eb7c28dc51a8c226a1884e8

Headers

File Characteristics

Imports

user32

advapi32

kernel32

Sections

.text Size: 63KB - Virtual size: 62KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 98KB - Virtual size: 110KB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 63KB - Virtual size: 62KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 98KB - Virtual size: 110KB

.rsrc
Size: 19KB - Virtual size: 18KB